Biometrics authentication method and biometrics authentication device

ABSTRACT

A biometrics authentication device uses biometrics information to perform individual authentication. Primary and secondary verification of biometrics characteristic data from an image capture device are performed by a control unit and IC card. The biometrics characteristic data is scrambled and transmitted between devices. The second registration data, which is more important to authentication, is stored within the IC card, and first registration data is registered in the IC card in a scrambled state. Security is improved, and moreover the load on the CPU of the IC chip in the IC card is reduced.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is based upon and claims the benefit of priority from the prior Japanese Patent Application No. 2004-296974, filed on Oct. 8, 2004, the entire contents of which are incorporated herein by reference.

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates to a biometrics authentication method and biometrics authentication device to authenticate individuals using features of a portion of the human body, and in particular relates to a biometrics authentication method and biometrics authentication device suitable for verifying registered blood vessel image information for a body part against blood vessel information detected for a body part, in a contactless manner.

2. Description of the Related Art

In the human body there are numerous parts which can be used to differentiate individuals, such as fingerprints of hand and toe, the retinas of the eyes, facial features, and blood vessel patterns. Advances in biometrics technology in recent years have been accompanied by proposals of various devices which identify biometrics characteristics of such regions of the human body to authenticate individuals.

Of these, because blood vessels in the palms and fingers, and palm prints, provide a comparatively large quantity of individual characteristic data, they are suited to individual authentication where high reliability is required. In particular, the patterns of blood vessels (veins) remain unchanged from the fetus throughout life, and are thought to be completely unique, and so are suited to individual authentication. FIG. 19 through FIG. 22 explain conventional technology for authentication using the palm. As shown in FIG. 19, at the time of registration or authentication, the user brings the palm of a hand 110 close to an image capture device 100. The image capture device 100 emits near-infrared rays, which are incident on the palm of the hand 110. The image capture device 100 receives the near-infrared rays reflected from the palm of the hand 110 using a sensor.

As shown in FIG. 20, hemoglobin within the red corpuscles flowing in the veins 112 has lost oxygen. This hemoglobin (reduced hemoglobin) absorbs near-infrared rays at wavelengths near 760 nanometers. Consequently when near-infrared rays are made incident on the palm of a hand, reflection is reduced only in the areas in which there are veins, and the intensity of the reflected near-infrared rays can be used to identify the positions of veins.

As shown in FIG. 19, a user first registers in a server and card the vein image data for the palm of his own hand, using the image capture device 100 of FIG. 19. Next, in order to perform individual authentication, the user uses the image capture device 100 of FIG. 19 to cause the vein image data of his own palm to be read.

The individual is authenticated by comparing the patterns of veins in the registered vein image retrieved using the user's ID and in the vein verification image read by the image capture device 100. For example, on comparing the vein patterns in the registered image and a verification image as in FIG. 21, the individual is authenticated as the individual in question. On the other hand, upon comparison of the vein patterns in a registered image and in a verification image as in FIG. 22, the individual is not authenticated (see for example Japanese Patent Laid-open No. 2004-062826).

In a biometrics authentication system, measures must be taken to ensure that biometrics characteristic data is not leaked to outside parties. Hence in the field of fingerprint authentication, a method of individual authentication has been proposed in which fingerprint characteristic data for an individual is registered in an IC card, and fingerprint characteristic data read from a fingerprint sensor is verified against the data within the IC card (Japanese Patent Laid-open No. 2000-293643).

Further, in the above proposal, the IC card stores comparatively low-level characteristic data A (which may be leaked to outside parties), and comparatively high-level characteristic data B which should be kept confidential, taking into consideration the processing capacity of the IC cards. Characteristic data A is transmitted from the IC card to an external device including a fingerprint sensor, and in the external device verification with the characteristic data A (called “primary verification”) is performed. The verification result and characteristic data B′ extracted from an image from the fingerprint sensor are transmitted to the IC card, and within the IC card verification with the characteristic data B (called “secondary verification”) is performed.

In this method, two-stage verification operations are performed, externally and in the IC card, so that high-speed authentication can be achieved while maintaining security of biometrics characteristic data.

However, in order to further prevent leakage of characteristic data, security measures should also be applied to communication between the sensor, external device, and the IC card. In the above-described technology of the prior art, at the time of registration of characteristic data A, B in the IC card from the external device, data is encrypted and transmitted, and is decrypted and stored in the IC card (Japanese Patent Laid-open No. 2000-293643, paragraph 0055). And to perform secondary verification, characteristic data B′ is encrypted and transmitted from the external device to the IC card, and is decrypted and used in secondary verification in the IC card (Japanese Patent Laid-open No. 2000-293643, paragraphs 0061, 0062).

However, in the technology of the prior art, no security measures are taken with respect to biometrics information sent from the sensor to the external device at the times of registration and verification. Consequently there are respects in which protection of biometrics information detected by the sensor is lacking. And because characteristic data A which may be released externally is also encrypted, the IC card has had to bear the substantial processing burden of decrypting the characteristic data A and B.

SUMMARY OF THE INVENTION

Hence an object of this invention is to provide an authentication processing method for a biometrics authentication device and a biometrics authentication device which reduce the load on the IC card while further improving the security of biometrics information.

A further object of the invention is to provide an authentication processing method for a biometrics authentication device and a biometrics authentication device which effectively utilize the processing functions of an external device to reduce the load on the IC card while further improving the security of biometrics information.

Still another object of the invention is to provide an authentication processing method for a biometrics authentication device and a biometrics authentication device which reduce the load on the IC card while further improving the security of complex biometrics information.

In order to achieve these objects, a biometrics authentication device of this invention detects and registers biometrics characteristic data from a body part, captures an image of the above body part, detects the above biometrics characteristic data from the captured image, verifies the characteristic data against the above registered characteristic data, and performs individual authentication. The device has an image capture device, which captures images of the above body part, and scrambles and transmits the images; an IC card reader/writer, which reads and writes IC cards storing comparatively coarse first biometrics characteristic data and comparatively fine second characteristic data of a user; and a control unit which performs verification processing. The above control unit descrambles the above scrambled captured image, receives scrambled first characteristic data from the above IC card, performs primary verification of the above captured image and the above first characteristic data, creates final verification data, and scrambles and transmits the above final verification data to the above IC card. The above IC card descrambles the above final verification data, and performs secondary verification with the above stored second characteristic data.

In this invention, it is preferable that the above control unit align the above captured image and the above first characteristic data and create the above final verification data from the captured image.

In this invention, it is preferable that at the time of registration of the above characteristic data, the above control unit descramble the above scrambled captured image from the image capture device, create the comparatively coarse first biometrics characteristic data and the comparatively fine second characteristic data for the above user from the above unscrambled captured image, scramble and transmit to the above IC card the above first biometrics characteristic data, and transmit to the above IC card the above encrypted second characteristic data, and that the above IC card decrypt and store the above encrypted second characteristic data.

In this invention, it is preferable that the above control unit scramble the above final verification data and transmit the data to the above IC card reader/writer, and that at the above IC card reader/writer the above scrambled final verification data be encrypted and transmitted to the above control unit.

In this invention, it is preferable that the above image capture device be constructed of a unit for image capture of blood vessel images of the above user, that the above first characteristic data be comparatively coarse characteristic data of the above blood vessel images, and that the above second characteristic data be comparatively fine characteristic data of the above blood vessel images.

In this invention, even though primary and secondary verification are performed by different units, because data is scrambled and transmitted, and moreover registration data B of importance for authentication is stored within the IC card while registration data A is registered in the IC card in a scrambled state, descrambling processing need not be performed by the IC card. Because processing performed within the IC card is descrambling of final verification data and verification, security is further improved, while keeping the load on the CPU of the IC chip in the IC card low.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows the configuration of a biometrics authentication system of one embodiment of the invention;

FIG. 2 shows the configuration of the bank window device of FIG. 1;

FIG. 3 is an external view of the image capture device of FIG. 1;

FIG. 4 shows the configuration of the image capture device of FIG. 3;

FIG. 5 is an external view of the ATM of FIG. 1;

FIG. 6 is a block diagram of the ATM of FIG. 5;

FIG. 7 is a functional block diagram of biometrics information registration/verification processing in one embodiment of the invention;

FIG. 8 explains the blood vessel image of FIG. 7;

FIG. 9 explains the blood vessel image data of FIG. 8;

FIG. 10 is a diagram of the flow of biometrics characteristic data registration processing in one embodiment of the invention;

FIG. 11 shows the flow of data in the registration processing of FIG. 10;

FIG. 12 explains the registration processing of FIG. 10;

FIG. 13 explains the characteristic data A and B of FIG. 10;

FIG. 14 is a diagram of the flow of biometrics characteristic data verification processing in one embodiment of the invention;

FIG. 15 shows the flow of data in the verification processing of FIG. 14;

FIG. 16 explains the verification processing of FIG. 14;

FIG. 17 is a diagram of the flow of biometrics characteristic data verification processing in another embodiment of the invention;

FIG. 18 shows the flow of data in the verification processing of FIG. 17;

FIG. 19 explains a conventional palm image capture device;

FIG. 20 explains the principle of a conventional palm image capture device;

FIG. 21 explains conventional palm authentication technology; and,

FIG. 22 further explains conventional palm authentication technology.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

Below, embodiments of the invention are explained in the order of a biometrics authentication system, biometrics authentication processing, biometrics characteristic data registration processing, biometrics characteristic data authentication processing, and other embodiments.

Biometrics Authentication System

FIG. 1 shows the configuration of a biometrics authentication system of one embodiment of the invention, FIG. 2 shows the configuration of the business terminal device/bank window device of FIG. 1, FIG. 3 is an external view of the palm image capture device of FIG. 1 and FIG. 2, FIG. 4 shows the configuration of the image capture device of FIG. 3, FIG. 5 is an external view of the automated transaction machine of FIG. 1, and FIG. 6 shows the configuration of the automated transaction machine of FIG. 5.

FIG. 1 shows a palm vein pattern authentication system in a financial institution, as an example of a biometrics authentication system. A palm image capture device 1 explained in FIG. 3 and a branch office terminal (for example, a personal computer) 3 connected thereto are provided in the bank window area 2 of the financial institution. A user requesting vein pattern authentication places his hand over the palm image capture device (hereafter called the “image capture device”) 1. The image capture device 1 reads the palm image, and blood vessel extraction processing in the terminal device 3 extracts the vein pattern, and this pattern is registered as vein data in the terminal device 3.

This vein data is stored in the storage area 4a of a database server 4 connected to the terminal device 3 and in an individual card (for example, an IC card) 5 held by the user. The server 4 is connected to the bank window terminal device 8 of the bank window area 7 of the financial institution, and the bank window terminal device 8 is connected to the image capture device 1.

In order to make a withdrawal or perform some other financial transaction at the bank window area 7 of the financial institution, the user inserts an IC card 5 into the IC card reader explained in FIG. 2, and places his hand over the image capture device 1 provided in the bank window area 7. The image capture device 1 reads the palm image, and blood vessel image extraction processing by the window terminal device 8 extracts the vein pattern. Verification processing by the window terminal device 8 verifies this vein pattern, as vein data, against the vein data registered in the IC card 5 to authenticate the individual.

The server 4 can be connected to an ATM (automated cash insertion/dispensing machine) 6 of the financial institution, and transactions through vein authentication are performed by the ATM 6. When a user employs the ATM 6 to make a withdrawal or perform some other financial transaction, the user places his hand over the image capture device 1-1 provided in the ATM 6. The image capture device 1-1 reads the palm image. Similarly to the window terminal device 8, the ATM 6 extracts the vein pattern (blood vessel image), verifies this, as vein data, against the vein data registered in the IC card 5 held by the user, and authenticates the individual.

FIG. 2 and FIG. 3 show the configurations of the service/window terminal devices 3, 8 of FIG. 1. As shown in FIG. 2, an application 30 and a vein authentication library (program) 34 are mounted on the terminal devices 3 and 8. A vein sensor (palm image capture device) 1 and IC card reader/writer 9 are connected to the terminal devices 3 and 8.

The IC card reader/writer 9 reads and writes the IC chip and magnetic stripe of the IC card 5 of a user. A security access module (SAM) is provided in the IC card reader/writer 9, and the module permits only authenticated access, to maintain the security of the IC card 5.

As shown in FIG. 3, the palm image capture device 1-1 of FIG. 1 and FIG. 2 has a sensor unit 18 mounted substantially in the center of the main unit 10. The front guide 14 is provided in the front portion (on the user side) of the sensor unit 18, and the rear guide 19 is provided in the rear portion. The front guide 14 is constructed of a sheet of transparent or substantially transparent synthetic resin.

The front guide 14 serves the purposes of guiding the hand of the user in the front and of supporting the wrist. Hence above the sensor unit 18, the front guide 14 aids the user by guiding the wrist, and also supports the wrist. As a result, the attitude of the palm above the sensor unit 18, that is, the position, inclination, and size can be regulated above the sensor unit 18. The cross-sectional shape of the front guide 14 has a vertical body and, in the top portion, a horizontal portion 14-1 to support the wrist. A depression 14-2 is formed continuously in the center of the horizontal portion 14-1, to facilitate positioning of the wrist. The rear guide 19 serves to support the fingers.

As shown in FIG. 4, the sensor unit 18 is provided with an infrared sensor (CMOS sensor) and focusing lens 16, and with a distance sensor 15 in the center, and on the periphery thereof with a plurality of near-infrared light-emitting elements (LEDs) 12. For example, near-infrared LEDs are provided in eight places on the periphery, to emit near-infrared rays upwards.

The readable region V of this sensor unit 18 is regulated by the relation between the sensor, focusing lens, and near-infrared light emission region. Hence the position and height of the front guide 14 are set such that the supported wrist is positioned in the readable region V.

When the hand 52 is extended with palm flat, the palm has maximum area, and moreover is flat, so that when the palm is subjected to image capture in the image capture region V of the sensor unit 18, an accurate vein pattern which can be used in registration and verification is obtained. When the distance from the sensor unit 18 to the palm is within a prescribed range, a sharp, focused image is obtained by the sensor 16 of the sensor unit 18.

Hence as shown in FIG. 4, by supporting the wrist 52 with the front guide 14 above the sensor unit 18, the front guide 14 can guide and support the user's hand so that the position, inclination and height of the palm above the sensor unit 18 are made precise with respect to the image capture range of the sensor unit 18.

Next, the automated transaction machine (ATM) of FIG. 1 is explained. As shown in FIG. 5, the ATM 6 has, on the front face thereof, a card insertion/ejection inlet 6-4; a bankbook insertion/ejection inlet 6-5; a paper currency insertion/dispensing inlet 6-3; a coin insertion/dispensing inlet 6-2; and a user operation panel 6-1 for operation and display.

In this example, the image capture device 1-1 is provided on the side of the user operation panel 6-1. The sensor unit 18 explained in FIG. 4 is mounted on the forward side of the main unit 10 of the image capture device 1. On the forward portion (on the user side) of the sensor unit 18 is provided a front guide 14. The front guide 14 is constructed of a sheet of synthetic resin, transparent or substantially transparent. In order to serve the purposes of guiding the hand of the user in the front and of supporting the wrist, the cross-sectional shape of the front guide 14 has a vertical body and, in the top portion, a horizontal portion 14-1 to support the wrist. A depression 14-2 is formed continuously in the center of the horizontal portion 14-1, to facilitate positioning of the wrist.

Further, the sensor unit 18 of the main unit 10 faces rearward and is inclined upward, and a flat portion 22 is provided therebehind.

As shown in FIG. 6, the ATM 1 has a CIP (Card Reader Printer) unit 60 having a card insertion/ejection inlet 6-4; a bankbook unit 64 having a bankbook insertion/ejection inlet 6-5; a paper currency/coin counting unit 66 having a paper currency insertion/dispensing inlet 6-3 and a coin insertion/dispensing inlet 6-2; an attendant operation portion 65; a control unit 67; a user operation panel 6-1 (UOP) for operation and display; and an image capture device (vein sensor) 1-1.

The CIP unit 60 has an IC card reader/writer 61 which reads and writes the magnetic stripe and IC chip of an IC card 5; a receipt printer 63 which records transactions on a receipt; a journal printer 62 which prints the history of transactions on journal forms; and a security access module (SAM) 70.

The bankbook unit 64 prints transactions on pages of a bankbook, and when necessary turns the pages. The attendant operation portion 65 is for operations by an attendant, who can perform operations upon occurrence of a fault or during inspections according to status display. The paper currency/coin counting unit 66 differentiates, counts, and stores inserted paper currency and coins, and counts and dispenses paper currency and coins in the required quantities.

The control unit 67 communicates with the server 4, and has an ATM application 68 which controls ATM operation and an authentication library (program) 69 for authentication processing. A portion of this ATM application 68 controls biometrics authentication guidance screens of the UOP (user operation panel) 6-1 in connection with the authentication library 69.

Biometrics Authentication Processing Method

FIG. 7 is a block diagram of biometrics authentication processing in one embodiment of the invention, FIG. 8 explains the detected blood vessel image in FIG. 7, and FIG. 9 explains verification processing in FIG. 7.

As shown in FIG. 7, the authentication library 34 of the service/window terminal devices 3, 8 connected to the image capture device 1 executes a series of registration and verification processing 34-1 to 34-5. The authentication library 69 of the control portion 67 in the ATM 6 executes similar processing. The service/window terminal devices 3, 8 and the control portion 67 of the ATM 6 have, for example, a CPU and various types of memory, interface circuitry, and other circuits necessary for data processing. The CPU executes a series of registration and verification processing 34-1 to 34-5. As explained below, the IC chip of an IC card 5 also executes verification processing 34-3.

Distance/hand outline detection processing 34-1 receives the distance measured by the distance sensor 15 from the image capture device 1-1 and judges whether the hand or other object is at a distance within a prescribed range from the sensor unit 18, and also detects the outline of the hand from the image captured by the sensor unit 18 and judges from the outline whether the image can be used in registration and verification processing. For example, the palm may not appear sufficiently in the image.

Guidance message output processing 34-5 outputs to the display of the service/window terminal devices 3, 8 a message guiding the palm of the hand leftward, rightward, forward, backward, upward or downward when the distance detected by the distance sensor 15 and the position of the hand according to outline extraction indicate that the hand or similar is outside the image capture range, and when the image captured cannot be used in registration and verification processing. By this means, the palm of the user is guided over the image capture device 1.

Blood vessel image extraction processing 34-2 extracts a vein image from the image of the hand when hand outline detection processing 34-1 judges that an image has been captured with the hand held correctly. That is, as explained using FIG. 19 and FIG. 20, grayscale data of the image of the palm such as that of FIG. 9 is obtained through differences in reflectivity. The vein pattern image is an image like that shown in FIG. 8; the data is grayscale data such as that in FIG. 9.

Registered blood vessel image retrieval processing 34-4 retrieves registered blood vessel image data A, B corresponding to the individual ID (account number) from the storage portion of the IC chip in the IC card 5 shown in FIG. 1, FIG. 2 and FIG. 6. Verification processing 34-3 compares the blood vessel image data N1 detected in the blood vessel image detection processing 34-2 with the registered blood vessel image data N2 as shown in FIG. 9, performs verification processing, and outputs the verification result.

Registration processing 34-5 divides the detected blood vessel image data into comparatively coarse-level blood vessel image data A and comparatively fine-level blood vessel image data B, as shown in FIG. 13, and stores the results in the IC chip 50 of the IC card 5, via the IC card reader/writer 9.

In such a blood vessel image authentication system, the simultaneous achievement of confidentiality of blood vessel image data and faster authentication processing is advantageous for rapid biometrics authentication.

Biometrics Characteristic Data Registration Processing

Next, the biometrics characteristic data registration processing explained in FIG. 7 is explained in FIG. 10 through FIG. 13. FIG. 10 shows the flow of biometrics characteristic data registration processing in the IC card 5; FIG. 11 and FIG. 12 explain vein data registration in FIG. 10; and FIG. 13 explains the registration data A, B.

(S10) First, a user who has applied for IC card biometrics authentication presents his IC card and driver's license or other personal identification at the bank window area, and is authenticated by the issuing source of the IC card.

(S12) Upon being confirmed to be the individual in question, the user places his hand over the image capture device 1 so that an image of his palm is captured.

(S14) As explained above, the registered blood vessel image data A, B is created from a captured image and is registered in the IC card 5. Registration processing is explained using FIG. 11 through FIG. 13. As shown in FIG. 11 and FIG. 12, image data (plain data) R captured by the image capture device 1 is scrambled using a prescribed algorithm, and is transmitted to the authentication libraries 34 of the service/window terminal devices 3 and 8. In the authentication libraries 34, the transmitted image data is descrambled and returned to plain data. The authentication library 34 creates the registration data A, B from the plain data R. As shown in FIG. 13, the plain data (blood vessel image data) R can be classified into trunk Aa, thick branch Ab, and fine branch Ac leading to thick branch Ab, as is seen in FIG. 8. The trunk A1 and thick branch A2 are divided into the comparatively coarse characteristic data A, and the thin branch Ac is classified as the comparatively finer characteristic data B, to create the registration data A, B. The registration data A is comparatively coarse, and so does not include finer characteristics, but indicates only rougher characteristics. The registration data B is comparatively finer, and so indicates finer characteristics.

Hence the registration data A is scrambled in the authentication library 34, and the scrambled registration data A is stored in the IC chip 50 of the IC card 5. On the other hand, the registration data B requires greater security. Therefore the data B is scrambled by the authentication library 34, and the scrambled registration data B is sent to the security access module 90 of the IC card reader/writer 9. The security access module 90 descrambles the scrambled registration data B and encrypts it by using a secret key. The result is sent to the authentication library 34, and from the authentication library 34, the encrypted registration data B is sent to the IC chip 50 of the IC card 5. The CPU of the IC chip 50 decrypts the data B by using the secret key, and stores the registration data B in the memory of the IC chip 50.

(S16) Next, execution proceeds to registration confirmation processing. That is, trial authentication is performed. For this purpose, the user again places his hand over the image capture device 1, to capture an image of his palm.

(S18) A series of verification (analysis and verification) operations is performed using the authentication processing of FIG. 14 and later.

(S20) Similarly, secondary verification (final verification) is performed using the authentication processing of FIG. 14 and later. As a result, the validity of registration data A and B for authentication is confirmed.

In this way data is scrambled and transmitted, and the registration data B which is more important for authentication is also encrypted. The encryption and decryption are performed not at the service/window terminals 3, 8, but on the side of the IC card reader/writer 9, so that it is difficult for the encryption key and encryption algorithm to be identified on the side of the service/window terminal devices, and security is enhanced. At the time of registration, the CPU of the IC chip 50 in the IC card 5 performs only decryption processing of registration data B, and so the load imposed is small.

Further, because trial authentication is performed, the validity of the registration data A and B can be confirmed. Upon the end of registration, the plain data is automatically erased by the authentication library 34, so that confidentiality is further improved.

Biometrics Characteristic Data Verification Processing

Next, the biometrics characteristic data verification processing explained in FIG. 7 is further explained in FIG. 14 through FIG. 18. FIG. 14 shows the flow of transaction processing, including biometrics characteristic data verification processing using an IC card 5; FIG. 15 and FIG. 16 explain the vein data verification of FIG. 14.

(S30) First, the transaction is selected. At the window area, a userfills in a slip, and a teller performs input.

(S32) The user inserts his IC card 5 into the IC card reader/writer 9, and the reader/writer 9 reads the magnetic stripe data (account number and similar) of the IC card 5.

(S34) Next, the user places his hand over the image capture device 1, and an image of the palm is captured.

(S36) Using the registration data A of the IC card 5, primary verification (analysis verification) is performed by the authentication libraries 34 of service/window terminal devices 3 and 8. That is, as shown in FIG. 15 and FIG. 16, the image data (plain data) C captured by the image capture device 1 is scrambled using a prescribed algorithm, and is transmitted to the authentication libraries 34 of the service/window terminal devices 3 and 8. At the authentication library 34, the transmitted image data is descrambled to return it to plain data. Next, the authentication library 34 reads scrambled registration data A from the IC card 5 and performs descrambling. In the example of FIG. 13, the registration data is returned to the comparatively coarse registration data A of trunks A1 and thick branches A2.

Next, the plain data and registration data A are aligned, and final verification data B′ is created from the plain data if alignment succeeds. That is, the final verification data B′ is created from the fine branches Ac of the plain data, as the comparatively fine characteristic data. The authentication library 34 scrambles this final verification data B′ and transmits it to the IC chip 50 of the IC card 5.

(S38) Next, final verification is performed within the IC card 5. That is, the CPU of the IC chip 50 in the IC card 5 descrambles the scrambled final verification data B′, and performs verification against the registration data B in memory. The verification result is presented to the authentication library 34.

(S40) If the verification result is satisfactory, a password number is input, and this is compared with the registered password number corresponding to the account number read from the magnetic stripe of the IC card 5.

(S42) If the result of password number comparison is satisfactory, the user inputs an amount.

(S44) The user confirms the transaction.

(S46) As a result, the service/window terminal devices 3 and 8 communicate with the host. Upon a response from the host, cash is passed to the user in the case of withdrawal, and transfer confirmation is passed to the user in the case of fund transfer.

Thus data is scrambled and transmitted, and registration data B which is more important for authentication is stored within the IC card 5. Because the registration data A is registered in the IC card 5 in scrambled form, when the IC card 5 passes the data A to the authentication library 34, scrambling processing need not be performed within the IC card 5. Processing performed within the IC card 5 is descrambling and verification of the final verification data. Hence security is further improved, and the load on the CPU of the IC chip 50 in the IC card 5 is reduced.
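The division of work in steps S36 and S38, modeled as an added Python example that is not part of the patent: the scramble function (a SHA-256 keystream XOR), the shared key, the feature-id strings, and the Jaccard matcher with its 0.8 threshold are all assumptions, since the text names only "a prescribed algorithm".

```python
import hashlib, json

KEY = b"constructed-demo-key"  # assumption: secret shared by the scrambling endpoints

def scramble(data: bytes, key: bytes = KEY) -> bytes:
    """Stand-in for the 'prescribed algorithm' (assumption): XOR with a SHA-256 keystream."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

descramble = scramble  # XOR with the same keystream restores the original data

def pack(features: set) -> bytes:
    return json.dumps(sorted(features)).encode()
def unpack(blob: bytes) -> set:
    return set(json.loads(blob))

def similar(x: set, y: set, threshold: float = 0.8) -> bool:
    """Toy matcher (assumption): Jaccard overlap of feature ids."""
    return bool(x | y) and len(x & y) / len(x | y) >= threshold

class ICCard:
    def __init__(self, coarse_a: set, fine_b: set):
        self.reg_a_scrambled = scramble(pack(coarse_a))  # A is stored already scrambled
        self._reg_b = fine_b      # B stays in card memory, unscrambled
        self.final_checks = 0

    def read_a(self) -> bytes:
        return self.reg_a_scrambled   # handed out as stored: no scrambling on the card CPU

    def verify_final(self, scrambled_b_prime: bytes) -> bool:  # S38, runs on the IC chip
        self.final_checks += 1
        return similar(unpack(descramble(scrambled_b_prime)), self._reg_b)

def authenticate(card: ICCard, scrambled_image: bytes) -> str:
    """Authentication library on the terminal: S36, then hand-off to the card for S38."""
    image = unpack(descramble(scrambled_image))
    reg_a = unpack(descramble(card.read_a()))
    coarse = {f for f in image if f.startswith(("trunk", "thick"))}
    if not similar(coarse, reg_a):
        return "primary_failed"       # the card is never asked for final verification
    b_prime = image - coarse          # fine branches become final verification data B'
    return "accepted" if card.verify_final(scramble(pack(b_prime))) else "final_failed"

# Constructed sample data (not from the patent)
REG_A = {"trunk:1", "trunk:2", "thick:1", "thick:2"}
REG_B = {f"fine:{i}" for i in range(10)}
def capture(features: set) -> bytes:  # image capture device: scramble before sending
    return scramble(pack(features))
```

The `final_checks` counter shows the load argument: a capture that fails primary verification never reaches the card's CPU, and registration data B is only ever compared inside `ICCard`.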

FIG. 17 and FIG. 18 explain transaction processing, including biometrics authentication processing, in an automated transaction machine.

(S50) First the transaction is selected. The transaction is selected on the UOP 6-1 of the ATM 6.

(S52) The user inserts an IC card 5 into the IC card reader/writer 9, which reads the magnetic stripe data (account number and similar).

(S54) Next, the user places his hand over the image capture device 1-1, and an image of the palm is captured.

(S56) Similarly to step S36, the registration data A of the IC card 5 is used to perform primary verification (analysis verification) in the authentication library 69 of the control portion 67 in the ATM 6.

(S58) Next, similarly to step S38, final verification is performed within the IC card 5.

(S60) If the verification result is satisfactory, the password number is input from the UOP 6-1, and this is compared with the registered password number corresponding to the account number read from the magnetic stripe of the IC card 5. If the password verification result is satisfactory, the user inputs an amount to the UOP 6-1. The user confirms the amount, and communication with the host takes place.

(S62) Upon response from the host, the amount of cash is counted in the case of withdrawal, and a receipt is printed. The IC card 5 and receipt are returned to the user, and cash is dispensed.

Other Embodiments

In the above-described embodiment, authentication using palm vein patterns was explained; but application to authentication using finger vein patterns, palm prints and other characteristics of the palm, as well as to fingerprints, facial features, and other biometrics authentication is also possible. Automated teller machines at financial institutions were explained, but application to automated ticket dispensing machines, automated vending machines, and automated equipment in other fields, as well as to computers, the opening and closing of doors requiring individual authentication, use in place of keys, and other tasks is also possible.

In the above, embodiments of this invention have been explained; but various modifications can be made within the scope of the invention, and these modifications are not excluded from the scope of the invention.

Even when primary and secondary verification are performed by different units, the data is scrambled and transmitted, and moreover registration data B which is more important to authentication is stored within the IC card 5, and registration data A is registered in the IC card 5 in a scrambled state, so that scrambling processing need not be performed by the IC card. Because processing performed within the IC card is final verification data descrambling and verification, security can be further enhanced, and the load on the CPU of the IC chip in the IC card can be reduced.

1. A biometrics authentication device for verifying a detected biometrics characteristics data against a registered biometrics characteristic data, comprising: an image capture device, which captures an image of a living body part, scrambles by scramble/descramble method in which an original data is restored by descrambling scrambled original data and transmits an image data of the captured image; an IC card reader/writer, which reads and writes an IC card storing comparatively coarse first biometrics characteristic data and comparatively fine second biometrics characteristic data of a user, said IC card storing said first characteristics data in a scrambled state and said second characteristics data in a non-scrambled state; and a control unit separately provided with said IC card reader/writer, which descrambles said scrambled image data from the image capture device by said scramble/descramble method, receives scrambled first biometrics characteristic data from said IC card, descramble said scrambled first biometrics characteristic data, performs primary verification of said image data with said first biometrics characteristic data, creates final verification data from said image data when the primary verification is success, and scrambles by said scramble/descramble method and transmits to said IC card said final verification data, and wherein said IC card descrambles said scrambled final verification data by said scramble/descramble method, and performs secondary verification with said stored second biometrics characteristic data, and wherein said image capture device comprises a unit to capture images of blood vessels of a living body of said user, and wherein said first biometrics characteristic data is comparatively coarse characteristic data of said blood vessel image of said user, and said second biometrics characteristic data is comparatively fine characteristic data of said blood vessel image of same said user.
2. The biometrics authentication device according to claim 1, wherein said control unit aligns said image data and said first biometrics characteristic data and creates the final verification data from the image data.
3. The biometrics authentication device according to claim 1, wherein said control unit, at the time of registration of said biometrics characteristic data, descrambles said scrambled image data from the image capture device, creates the comparatively coarse first biometrics characteristic data and the comparatively fine second biometrics characteristic data for said user from said descrambled image data, scrambles and transmits to said IC card said first biometrics characteristic data, and transmits to said IC card said encrypted second biometrics characteristic data, and wherein said IC card stores said scrambled first biometrics data, and decrypts and stores said encrypted second biometrics characteristic data.
4. The biometrics authentication device according to claim 3, wherein said control unit scrambles said final verification data and transmits the scrambled final verification data to said IC card reader/writer, and wherein said IC card reader/writer descrambles and encrypts said scrambled final verification data and transmits the encrypted final verification data to said control unit.
5. The biometrics authentication device according to claim 1, wherein said image capture device comprises a unit to capture images of blood vessels of a palm of said user.
6. A biometrics authentication method for verifying detected biometrics characteristic data from a living body against registered biometrics characteristic data for individual authentication of a user, comprising the steps of: capturing an image of said living body, and scrambling by scramble/descramble method in which an original data is restored by descrambling scrambled original data and transmitting an image data of the captured image to control unit; descrambling said transmitted scrambled image data by said scramble/descramble method into said control unit; receiving comparatively coarse first biometrics characteristic data of a user, in a scrambled state, from said IC card which stores said first characteristics data in a scrambled state and stores said second characteristics data in a non-scrambled state; performing primary verification of said image data with said first characteristic data after descrambled, and creating final verification data from said image data when the primary verification is success into said control unit; scrambling by said scramble/descramble method and transmitting to said IC card said final verification data; and descrambling said final verification data by said scramble/descramble method, and performing secondary verification with said stored second characteristic data, in said IC card, wherein said captured image comprises a blood vessel image of said living body, and wherein said first biometrics characteristic data is comparatively coarse characteristic data of said blood vessel image of said user, and said second biometrics characteristic data is comparatively fine characteristic data of said blood vessel image of same said user.
7. The biometrics authentication method according to claim 6, wherein said creation step comprises: a step of aligning said image data and said first biometrics characteristic data; and a step of creating said final verification data from said image data.
8. The biometrics authentication method according to claim 6, further comprising a step of registering said characteristic data, wherein said registering step comprises the steps of: descrambling said scrambled image data from image capture device into said control unit; creating, from said descrambled image data, comparatively coarse first biometrics characteristic data and comparatively fine second biometrics characteristic data of said user; scrambling said first biometrics characteristic data, and transmitting the scrambled first biometrics characteristics data to said IC card; transmitting encrypted second biometrics characteristic data to said IC card; decrypting said encrypted second biometrics characteristic data; and storing the scrambled first biometrics character data and the decrypted second biometrics characteristics data, in said IC card.
9. The biometrics authentication method according to claim 8, further comprising the steps of: scrambling said final verification data and transmitting the scrambled final verification data to an IC card reader/writer; descrambling and encrypting said scrambled final verification data in said IC card reader/writer; and transmitting said encrypted final verification data to said control unit from said IC card reader/writer.
10. The biometrics authentication method according to claim 6, wherein said blood vessel image comprises blood vessels of a palm of said user.